Secret storage is implemented in Kaspersky Industrial CyberSecurity for Networks. Secrets allow you to securely store and use identification and authentication information that the application needs for automatic remote connections to devices. Secrets are used in security audit jobs that have the Remote connection device polling method selected or an Active Poll connector configured.
The application provides for various types of secrets. Depending on the purpose of the secret, you can select a relevant type and enter the appropriate data when adding or editing the secret settings.
Keep in secret the credentials required for remote connections to devices using remote connection protocols. The security audit jobs that use the Remote connection method to poll devices use the SSH protocol for remote connections. The Active poll connectors can use various protocols for remote connections, depending on the selected polling methods.
To ensure that identification and authentication details stored in secrets are used securely, the application implements protection against compromise of secrets when connected to remote devices. After public keys received from devices are saved in the application, it monitors all subsequent remote connections to these devices and sends no information from secrets in the event of device spoofing on the network.
Critical information of the secret, such as password or certificate private key, is available to you as plain text only once, when you enter this information when creating the secret. Once a secret is saved, critical information cannot be viewed. You can only replace critical information in the secret when you change the secret, for example, enter a new password.
You can manage secrets in the Settings → Secrets section. No more than 500 secrets can be added to the application.
Only users with the Administrator role can manage secrets.